Lucene search
HistoryJan 27, 2005 - 5:00 a.m.
CVE-2004-0929
cve-2004-0929
buffer overflow
ojpegvsetfield
libtiff
remote code execution
nvd
8.2 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.035 Low
EPSS
Percentile
91.5%
Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to execute arbitrary code via a malformed TIFF image.
Related
cvelist
cvelist
CVE-2004-0929
2004-10-26 04:00:00
cert
cert
SuSe Linux LibTIFF package vulnerable to buffer overflow
2004-12-01 00:00:00
nessus
nessus
SUSE-SA:2004:038: libtiff
2004-10-22 00:00:00
openvas
openvas
SLES9: Security update for libtiff
2009-10-10 00:00:00
SLES9: Security update for libtiff
2009-10-10 00:00:00
suse
suse
local privilege escalation in libtiff
2004-10-22 14:52:41
8.2 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.035 Low
EPSS
Percentile
91.5%
Related for CVE-2004-0929